DOE Patents, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Secure key storage and distribution

Abstract

This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather, portions, or shares, of the security system private key are stored at each of the computing resources within the security system, and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.

Inventors:
Issue Date:
Research Org.:
Washington State Univ., Pullman, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1183337
Patent Number(s):
9,049,011
Application Number:
13/967,029
Assignee:
Washington State University (Pullman, WA)
DOE Contract Number:  
OE0000097
Resource Type:
Patent
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING; 99 GENERAL AND MISCELLANEOUS

Citation Formats

Agrawal, Punit. Secure key storage and distribution. United States: N. p., 2015. Web.
Agrawal, Punit. Secure key storage and distribution. United States.
Agrawal, Punit. "Secure key storage and distribution". United States. https://www.osti.gov/servlets/purl/1183337.
@article{osti_1183337,
title = {Secure key storage and distribution},
author = {Agrawal, Punit},
abstractNote = {This disclosure describes a distributed, fault-tolerant security system that enables the secure storage and distribution of private keys. In one implementation, the security system includes a plurality of computing resources that independently store private keys provided by publishers and encrypted using a single security system public key. To protect against malicious activity, the security system private key necessary to decrypt the publication private keys is not stored at any of the computing resources. Rather portions, or shares of the security system private key are stored at each of the computing resources within the security system and multiple security systems must communicate and share partial decryptions in order to decrypt the stored private key.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2015},
month = {6}
}

